What: National Crime Agency arrests four suspects in connection with coordinated cyber attacks on M&S, Harrods, and Co-op, marking a significant breakthrough in retail cybersecurity enforcement.

Why it is important: The arrests highlight the evolving nature of retail cybersecurity threats, requiring unprecedented cooperation between international law enforcement agencies and demonstrating the critical importance of robust digital protection in modern retail operations.

The National Crime Agency has apprehended four individuals in connection with a series of sophisticated cyber attacks targeting major UK retailers. The suspects, including two 19-year-old men, a 17-year-old boy, and a 20-year-old woman, face charges related to computer misuse, blackmail, money laundering, and organised crime activities. The arrests, supported by regional crime units, represent a significant breakthrough in the investigation of attacks that severely impacted Marks & Spencer, Harrods, and the Co-op. M&S alone suffered GBP 300m in lost profit, with the incident disrupting their online operations and supply chain management. The investigation has involved unprecedented cooperation between UK authorities and international law enforcement, including the FBI. M&S chairman Archie Norman's appearance before the Business and Trade Committee emphasised the broader implications for the UK economy, highlighting the critical need for enhanced cyber resilience to maintain the country's attractiveness for business investment.

IADS Notes: The series of cyber attacks on major UK retailers in 2025 marks a watershed moment in retail cybersecurity. In April 2025, the Scattered Spider group's attack on M&S resulted in a GBP 300 million profit impact and wiped GBP 700 million off their market value, while disrupting GBP 3.5 million in daily digital sales. By May 2025, both Harrods and Co-op suffered similar breaches, with Co-op's incident affecting up to 20 million customers. The unprecedented scale of these attacks has transformed the cyber insurance landscape, driving a 10% increase in premiums across the UK retail sector. While M&S's customer recommendation rates dropped from 87% to 73%, their transparent crisis management helped maintain underlying trust at 82%. The involvement of the FBI alongside UK authorities underscores the growing sophistication of cyber threats, particularly as industry data shows ransomware now accounts for 30% of retail security incidents, with average losses reaching £1.4 million per attack.

Four arrested over M&S and Harrods cyber-attacks